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Why are we doing what we are doing? 
The State of IT Now 

Security Today 

The Future of Security 

How Qualys is Leading the Way 
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IT Transformation < 


Infrastructure & Application 


Digital Transformation 


Holistic Transformation of 
Business to Digital A ረ/:ስ በከ 


Cloud, Containers, laaS, PaaS, 
OT, lloT, lol, Mobility, Web 
apps, APIs, Mobile Apps 
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Hybrid Cloud Overview Architecture 
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On-Premise 


Containers 


Real game changer 


Hypervisor disappearing, bare 
metal is back 


Kubernetes Infrastructure-as-code 
Container-as-a-Service AWS Fargate 


AWS Lambda function-as-a-service, 
serverless! 


Kubefed? 


“Priceliae tor Containers] 
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DevOps 


This is real and highly contagious 


Developer decides how 
infrastructure runs in production 


Speeds up significantly how fast 
code goes to production 
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On-Prem 


Shrinking Datacenter Footprint 
Increasing OT & lloT 
Corp IT - more distributed & mobile 


More loT! 
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Enterprise 
Mobility != BYoD 


Enterprise owned handheld devices 
Indispensable to modern business 


Running apps handling sensitive 
business & consumer data 


Mobile! 
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Web Apps & APIs 


Web Apps for the humans 
APIs for the inhumans 


Wide window into all your data 
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SaaS 


More aaS everywhere 
No infrastructure to manage 


No Applications to code or manage 
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SaaS 


Lead the charge 


against bloated 
d software. 
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Security 
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November 13, 1984 


PC Magazine about IBM PC AT 


“The AT provides the first real system for allowing 
executives to sleep at night: 


A hard-to-duplicate ‘tubular’ key locks all but key holders 
out of the system” 
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34 years later 


No magic key = No sleep at night! 
Same challenges x 10 


No visibility across global hybrid == 
infrastructure A | 


Still need to do Vulnerability & L À 
Configuration management 


Still need to monitor integrity of systems(?) 


More data incoming into “SIEM” 
deployments 


Basically no visibility to respond 


Compliance demands on new infrastructure 
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Future of Security 


Transparent Orchestration 


Built-in Automation the only real 
solution 


Starts in DevOps 


New generation of Security Analytics 
platforms 
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Oualys 
Platform Approach 


Embracing our own Digital 
Transformation 


Massive expansion of backend for 
visibility - 620 Billion security 
datapoints indexed 


Comprehensive coverage of 
sensors - scanners, agents, cloud 
connectors, container Sensors, 
passive sniffers and mobile agents 
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Oualys 
Platform Approach 


Extending solutions into 
remediation & response 


Building dedicated Data science 
team 


Rapid expansion of R&D org 


Key technology acquisitions & 
Investments 
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Acquisitions & Investments 


Nevis Passive Scanning & Secure Access Control 
Netwatcher Event Correlation Platform 
1Mobility Enterprise Mobility 
Layered Insight Built-in Runtime Container Security 
42Crunch Investment API Security 


Frog 1 


Frog 2 
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Qualys Cloud Apps 


| ASSET MANAGEMENT | MANAGEMENT 


Asset Inventory CMDB Sync Cloud Inventory Certificate Inventory 


Maintain full, instant visibility of all your Synchronize asset information from Inventory of all your cloud assets across Inventory of TLS/SSL digital certificates on 
global IT assets Qualys into ServiceNow CMDB AWS, Azure, GCP and others a global scale 


Vulnerability Management Threat Protection Continuous Monitoring Indication of Compromise 
Continuously detect and protect against Pinpoint your most critical threats Alerts you in real time about network Continuously monitor endpoints to detect 
attacks, anytime, anywhere and prioritize patching irregularities suspicious activity 

Container Security cra| Certificate Assessment 
Discover, track, and continuously protect Assess all your digital certificates for TLS/ 
containers SSL vulnerabilities 


| COMPLIANCE MONITORING | MONITORING 


Policy Compliance PCI Compliance File Integrity Monitoring Security Configuration Assessment 
Assess security configurations of IT Automate, simplify and attain PCI Log and track file changes across global IT Automate configuration assessment of 
systems throughout your network compliance quickly systems global IT assets 
Cloud Security Assessment Security Assessment Questionnaire 
Get full visibility and control across Minimize the risk of doing business with 
all public cloud instances vendors and other third parties 


| WEB APPLICATION SECURITY| APPLICATION SECURITY 


Web Application Scanning Web Application Firewall 


Secure web applications with end-to-end Block attacks and virtually patch web 
protection application vulnerabilities 
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04 2018 — more apps to come 


O 2018 : 2019 


Patch Management - beta Global IT Asset Management 
(managed assets) - GA 


| 


Passive Network Senor 
(unmanaged assets) - beta 
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2019 - even more apps to come! 


Secure Enterprise Mobility 
Secure Access Control 

API Security 

Software Composition Analysis 
Breach and Attack Simulation 


Security Data Lake & Correlation Platform 
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nified Dashboards 
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Dashboards DASHBOARD 
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Conform 


ቅ Last 30 Days Y (+) 
TOP 5 DES ÉDITEURS DE LOGICIELS EN FIN DE VIE VULNERABILITES TOTALES PAR SEVERITE 
‘Symantec 
Oracle ES | 8.19K 


719K 
Mozilla 
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Microsoft 


CORRECTIFS MANQUANTS PAR PLATEFORME INSTANCES AVEC VULNÉRABILITÉ 0-DAY SANS CORRECTIF DISPONIBLE 


Server 2016: 3400 
Windows 7: 1200 
Server 2012: 872 
Server 2008: 4300 
Windows 10: 3200 


V 1.45% 


: E © Qualys. 
TOP 5 DES POLITIQUES DE SÉCURITÉ DÉFAILLANTES VUE D' ENSEMBLE DES LICENCES 


It's the Platform! 


(a real one) 


Qualys Cloud Platform 


Looking Under the Hood: What Makes Our Cloud 
Platform so Scalable and Powerful 


Cloud Platform Environment 


Security at scale on hybrid clouds 


15+ products providing 
comprehensive suite of security 
solutions 


10,300+ customers 


7 shared cloud platforms across 
North America, Europe & Asia 


70+ private clouds platforms 


deployed globally... on-prem, AWS, 


Azure, GCP 
16+ PB storage and 16,000 cores 
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Gloud Platform Highlights 


1+ trillion security events annually 
3+ billion scans annually 


2.5+ billion Messages daily across 
Kafka clusters 


620+ billion data points indexed in 
our Elasticsearch clusters 


Unprecedented 2-second visibility 
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Oualys Gloud Platform 


Sensors, Data Platform, Microservices, DevOps 


Application Services / Shared Services / Stream & Batch Processing / Reporting / Analytics 


ew ያ መ መ é5, | ረጀ m o. TE Le Q ceph 


| 
« Dm me 5 
cassandra ዜጋ Q9 redis cassandra |... ጠሪ QD 0? redis ወጠ O I 6272 redis cassandra 


N, 
ኣ 


-ጄ=. ቭ EUM aa. AI, 
© ` 4 ጄ ላ / = ^ / ` ኒ ላ / ላ 
7 E 7 ኣ 7 3 E ኣ © / i ረ / ኣ © À 4 ay 1 

e ^. ያ iJ ” ^. p ›ን e 


(9 © ZO) © TEO: 


Cloud Passive Scanners Scanners Appliances Virtual Scanners Internet Scanners 
Agents © Qualys. 


Oualys Sensor Platform 


Scalable, self-updating & centrally managed 


Physical 


Legacy data centers 
Corporate infrastructure 


Continuous security and 
compliance scanning 
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Virtual 
Private cloud 
infrastructure 
Virtualized Infrastructure 


Continuous security and 
compliance scanning 
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Cloud/Container 


Commercial laaS & Paas 
clouds 


Pre-certified in market 
place 


Fully automated with 
API orchestration 


Continuous security and 
compliance scanning 


© 


Cloud Agents 


Light weight, multi- 
platform 


On premise, elastic 
cloud & endpoints 


Real-time data collection 


Continuous evaluation 
on platform for security 
and compliance 


Passive 


Passively sniff on 
network 


Real-time device 
discovery & 
identification 


dentification of APT 
network traffic 


Extract malware files 
rom network for 
analysis 


[ወ] 


API 


Integration with Threat 
Intel feeds 


CMDB Integration 


Log connectors 


Data Platform-as-a-Service 


Right database for the right use 
case 


* Highly scalable architecture 
* Predictable performance at scale 
* Distributed and fault-tolerant 


e Multi-datacenter support e 
* Open-source cassandra 
e Commodity hardware eo elastic 
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@ceph neo.) 


© Qualys. 


Data Platform-as-a-Service 


Asynchronous, 
event-driven 
architecture 


Foundation for 
Gualys Cloud 
Platform 


Over 2.5 billion 
messages per day 


¿le elastic 
Elasticsearch 


Search for anything 


Over 620 billion 
data points indexed 


Estimating about | 
trillion data points 
be year end 


GIF Cassandra 


Cassandra 


Low latency 
storage 


Source of truth for 
data across 
multiple products 


SB redis 


Redis 
In-memory cache 


Improved system 
performance for 
frequently 
accessed data 


@) ceph 


Ceph 
Object storage 


Moving Oracle and 
in-house blob 
storage into Ceph 


Microservices & Cloud Native Architectures 
Reduce risk and ship faster 


Change how we design and build 


k p j ARG. =a. 
applications and services ኒወ፦-ላው)| 0/5 
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e Monoliths to microservices 

* Well defined APIs 

e Packaged in containers e መላ O | 6 
* Deployed on elastic infrastructure ——— — 
e 12-Factor apps 

e CI/CD, Service Registry, Config Servers 


kubernetes 
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DevOps - Increased Efficiency 


Goal is to make software 
delivery vastly more efficient 


Supporting about 80 shared 
and private cloud 
deployments 


ua amazon 
kB webservices 


“M © ) IBM Cloud 


Google Cloud Platform 
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Automation - Infrastructure as Code 


Treat systems running your 


software as if they themselves 
ጨራ kubernetes 
are software POSSET 


Automate v Terraform ANSIBLE 
e Infra provisioning | 
* Configuration management V Vault Ci Consul 


* Deployments... _ 
@ Jenkins 


.. all using code 
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Monitoring Systems - Observability 


Centrally monitor across all 


platforms using a single-pane ቁ Prometheus 15 Grafana 
d = elasticsearch b logstash K kibana 
End-to-end monitoring using 
* [ime series metrics 

* Distributed tracing pagerduty  ፤ catchpoint: 
* | og aggregation & analytics 

* Alerting 


A. nppDunamics 88 kafka splunk> 
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Integrated Security - DevSecOps 


Built-in security practices " 
across the DevOps lifecycle vti E Cet 


Qualys-on-Qualys roro wie anse 
e Manage vulnerabilities 


| VM SCA | | TP PC IOC 
e Secure and shield web apps 
* Validate file integrity (Fm) 
e Monitor systems 
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Oualys Gloud Platform 


of Applications 
, Authentication Authorization Subscription Indexing Data Sync Tagging 
Shared Services Service Service Service Service Service Service 


Messaging, Data, Us : . | , | 
Analytics Platform $6 kafka = @ceph ጄሪ elastic ST Y redis Qarlink 


cassandra 


Infrastructure and Logging Monitoring Config Mgmt. ... CI/CD B ioo M 
DevOps Toolchain SI 
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Qualys Cloud Applications 


Asset Inventory 


Maintain full, instant visibility of all your 
global IT assets 


CMDB Sync 


Synchronize asset information from 
Qualys into ServiceNow CMDB 


Certificate 
Inventory: s;ssi. digital certificates on 


a global scale 


ci | Cloud Inventory ር 


Inventory of all your cloud assets across 
AWS, Azure, GCP and others 


AAA O = 


Vulnerability Management 


Continuously detect and protect against 
attacks, anytime, anywhere 


Container Security 


Discover, track, and continuously protect 
containers 


Threat Protection 
Pinpoint your most critical threats 
and prioritize patching 

cra) Certificate Assessment 


Assess all your digital certificates for TLS/ 
SSL vulnerabilities 


c| Indication of Compromise 


Continuously monitor endpoints to detect 
suspicious activity 


Continuous Monitoring 


Alerts you in real time about network 
irregularities 


Patch Management (Beta) 


Select, manage, and deploy patches to 
remediate vulnerabilities 


| COMPLIANCE MONITORING | MONITORING 


Policy Compliance 


Assess security configurations of IT 
systems throughout your network 


Cloud Security 
Assessment, and control across 


all public cloud instances 


PCI Compliance 


Automate, simplify and attain PCI 
compliance quickly 


Security Assessment 
Questionnaire; doing business with 


vendors and other third parties 


File Integrity Monitoring (sca) Security Configuration 
Assessmenturation assessment of 


global IT assets 


Log and track file changes across global IT 
systems 


| WEB APPLICATION SECURITY| APPLICATION SECURITY 


(was) Web Application 


Scanningpplications with end-to-end 
protection 


(var) Web Application 
Firewall, and virtually patch web 


application vulnerabilities 
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Advanced Correlation & Analytics 


ML/AI Service Orchestration & Automation UEBA 
Patterns | Outlier | Predictive SOC Integration | Playbooks | Response User & Entity Behavior Analytics 
Threat Hunting Security Analytics Advanced Correlation 
Search | Exploration | Behavior Graph Anomaly | Visualization | Dashboard Actionable Insights | Out-of-box Rules 


Qualys Security Data Lake Platform 


Data Ingestion | Normalization | Enrichment | Governance 
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Network Security Server End Point Gualys Apps Apps Cloud Users loT 


Qualys Quick Connectors 


© Qualys. 


GUALYS SECURITY CONFERENCE 2018 


@sc. 


Thank You 


Sumedh Thakar 
sthakar@qualys.com 


